Replies

Assuming both your Cisco routers have a hardware VPN module, your simplest option is to create a VPN tunnel between the two sites. You would also need to have an IOS image loaded on your routers that supports crypto.

You can check by logging into the router and typing "show version" - if it gives this piece of information, then you know that your router has a VPN module:

"1 Virtual Private Network (VPN) Module"

If you don't have VPN modules in your routers, then I'm fairly certain that you can't do what you're looking to do securely. Assuming both your DSL lines give you a static IP address, you could begin routing between them, but your traffic would not be encrypted and is therefore not secure.

Some routers (i.e. Cisco 1700 series) support VPN, but don't come with the module fitted as standard; with some routers, it is possible to buy the module as an add-on.

If ever your IOS doesn't support crypto, you can always use GRE tunneling. If it does then you can run GRE/IPSEC for additional security. This way, you can run routing protocol between your 2 sites. Let's just hope that they give you a static IP address.

This configuration template works well for us. When correctly entered, you should find that it sets up an IPSec tunnel between the two routers, and runs a GRE tunnel over it. This gives a nice secure connection.

You will need to route each site's inside subnet across the tunnel so that devices on each site can contact each other.